Thursday, 07 July 2011 19:33

Offline Address Book (OAB) Versions 2 and 3a rebuild fails due to Missing PDN

Written by

Some of us would have faced the issue that the failure of OAB update in version 2 and 3a due to various issues. Recently I have faced this issues and the resolution was simple when it got resolved, but till then it was really tuff.

Here are the couple events which are logged in the Application event viewer of generating server when the failure happens during the OAB update interval(ensure you enable the dignostic logging at least to medium for troubleshoting this issue).

-----------------------------------------------------------------------------------------------------
Event Type:        Warning
Event Source:    MSExchangeSA
Event Category:                OAL Generator
Event ID:              9341
Date:                     7/6/2011
Time:                     4:28:07 PM
User:                     N/A
Computer:          OAB-HeloED
Description:
The parent Legacy Exchange DN container value '/O=ExhangeDictionary/OU=HeloED/cn=Recipients' was not found during generation of the differential update file for offline address list '\Global Address List'.  This will force clients using this offline address list to do a full download of the offline address list.
- Default Offline Address List
Event Type:        Warning
Event Source:    MSExchangeSA
Event Category:                OAL Generator
Event ID:              9341
Date:                     7/6/2011
Time:                     5:30:14 PM
User:                     N/A
Computer:          OAB-HeloED
Description:
The parent Legacy Exchange DN container value '/o=NT5/ou=E89FD54116DCER4E8C5A3B737229A0AB' was not found during generation of the differential update file for offline address list '\Global Address List'.  This will force clients using this offline address list to do a full download of the offline address list.
- Default Offline Address List
Event ID: 9360
Category: OAL Generator
Source: MSExchangeSA
Type: Error
Date:7/6/2011
Time:5:30:14 PM
Computer: OAB-HeloED
Description:
OALGen encountered an error while generating the changes.oab file for version 2 and 3 differential downloads of address list '\Global Address List'.  The offline address list has not been updated so clients will not be able to download the current set of changes.  Check other logged events to find the cause of this error.
-----------------------------------------------------------------------------------------------------
The above issue happens due the PDN changes. There are few reasons for the PDN changes, some are

Manually modifying the legacyExchangeDN and during then there could be typo etc. Adding one more administrative group and deletion of a mail enabled users, mailbox or a DL which was the last object available in the organization with the pointed PDN in the event ID 9341 description (for e.g. migrating to exchange 2007 or 2010 will create new administrative group and once we have done with the removal of all old version of exchange on the First Administrative Group) etc.

Impact: The affected versions of OAB due to the above situations are OAB version 2 and 3a. When you install the SP2 for Exchange 2003 exchange creates a newer version 4 which is not affected. The clients affected are the outlook 2003 SP1 and older versions.

Now let’s look at the solution area.

Though the event ID and the description are almost the same, the approach is a little different or can be same as well(choice leave to you once you complete reading this).

Section 1

Let’s look at the important part of event description,

 “The parent Legacy Exchange DN container value '/O=ExhangeDictionary/OU=HeloED/cn=Recipients' was not found during generation of the differential update”

You may follow one of the 2 options below to resolve this issue, again depends upon you exchange infrastructure setup.

Solution #1:

Regenerate the OAB with the registry value ‘OAL post full if diff fails’. This registry key can be added when you are running exchange 2003 SP2 version.  Follow the below steps,

  1. Click Start, click Run, type regedit, and then click OK.
  2. Locate and then click to select the following registry key: HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\MSExchangeSA\Parameters
  3. On the Edit menu, point to New, and then click DWORD Value.
  4. Type OAL post full if diff fails, and then press ENTER.
  5. Right-click OAL post full if diff fails, and then click Modify.
  6. In the Value data box, type 0x1 (1).
  7. Quit Registry Editor.

Important Note – The above changes will build a full version of all that fail. So if you have a very large number of audiences who are using the older version of client then the changes will force them to download the entire OAB instead of the changes.oab file. So if the clients are connecting remotely, there could be chances for unresponsiveness, high network traffic etc. due to the full download.

So if you are little confused/hesitant to go with the above solution, you may try the below suggestion.

Solution #2:

Create a created a temporary account OABUser and stamp the missing PDN into the legacyExchangeDN of this object.

To do this, follow the steps below.

  1. Create a Mail Enabled user(do not require to have a mailbox user) and wait for the RUS to stamp the exchange attributes into the new object.
  2. Open Adsiedit.msc and locate the newly created user.
  3. Open properties and locate the LegacyExchangeDN value.
    1. LegacyExchangeDN-1
  4. Click on Edit button and modify the value like below
    1. LegacyExchangeDN-2
  5. Give some time to replicate(if the exchange using this the same AD server as configuration DC you may go to next step immediately).
  6. Rebuild the OAB from the ESM(Exchange System Manager)

You would see that the OAB update was successful since we have manually added the missing PDN into the configuration data. I would say this option is safer to those who has more number of users affected. Because the second option will not regenerate the entire OAB, instead it will create changes.oab and hence the client will only download this difference file when they contact next time for OAB update.

Section 2

Second version of the description is,

“The parent Legacy Exchange DN container value '/o=NT5/ou=E89FD54116DCER4E8C5A3B737229A0AB' was not found during generation of the differential update file for offline address…”

If there is an exchange object which does not have a LegacyExchangeDN value and if the OAB generation is running the NT DS will provide a temporary LegacyExchangeDN that begins with /o=NT5/cn={GUID of the forest}.  It is not possible to see the value using LDAP query or adsiedit intead you will have to use MAPI interface or run the OABInteg against your OAB server.

Solution #1

In this again, you may regenerate the full OAB by following the same procedure by adding the registry value ‘OAL post full if diff fails’(see solution #1 in Section 1) . Also read the important note of the same section.

Solution #2

Add the registry value (it is possible from the exchange build 6.5. 7569.0) “OAL NT5 DN Rejection” . Follow the below steps to do that.

  1. Click Start, click Run, type regedit, and then click OK.
  2. Locate and then click to select the following registry key: HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\MSExchangeSA\Parameters
  3. On the Edit menu, point to New, and then click DWORD Value.
  4. Type OAL NT5 DN Rejection, and then press ENTER.
  5. Right-click OAL NT5 DN Rejection, and then click Modify.
  6. In the Value data box, type 0x1 (1).
  7. Quit Registry Editor.

Note – This will skip the NT DS temporary LegacyExchangeDN assigned objects when creating/updating the OAB file.

Solution #3

Create Mail Enabled object as mentioned in the above PDN scenario solution #2 and add the /o=NT5/ou=E89FD54116DCER4E8C5A3B737229A0AB into the LegacyExchangeDN filed(shown below as an e.g.)

LegacyExchangeDN-NT5

Hope you have some actions points now to work around/fix your OAB issue before you reach out some escalation team and Microsoft. I also understand that the number of older version clients are very less, but still there are more users using older versions of client in large organizations which are in process of transforming their infrastructure to Exchange 2010 or at least to 2007.

Important Note - The procedure is more or less the same in the all version of exchange from Exchange 2003 SP2, but it is applicable only when you use the public folder to maintain the OAB versions, and not webfolders.

Interested to know more? Read a well written article from Dgoldman's WebLog

-Praveen

theme by reviewshub